Jitsi Meet abandons anonimity promise (opens in new tab)

(reclaimthenet.org)

80 pointspacija2y ago42 comments

42 comments

yakcyll2y ago

This was talked about before here: https://news.ycombinator.com/item?id=37316959

I assume this move, in essence, is meant to combat spam?

ComputerGuru2y ago

what went unsaid but very heavily implied in the Jitsi announcement was that it was (allegedly) CSAM and not mere spam.

Aspie2y ago

I have proof of it being because of CSAM in as of late 8x8 rooms. Would you like me to post the links to the currently active rooms?

xulres2y ago

Stop with the allegedly it was a anonymous service that was reachable from onion. There is no question at all that there was CSAM shared over it. I don't care about the rest but all this "allegedly" shit in regards of CSAM gets on my nerves. I actually thought people here either work in bigger corps or have experience in running services themselves and would know about the real size of the CSAM problem. But I guess not, ignorance is bliss.

Also it's only their hosted for profit service. Use the fsf instance if you feel violated by a user account. https://jitsi.member.fsf.org/

ComputerGuru2y ago

I personally think it was likely/almost certainly the case. That doesn’t change the fact that without sufficient actual evidence it remains “allegedly.”

2 more replies

yieldcrv2y ago

“allegedly” aside, is this the only way to tackle the CSAM problem? I get a whif of a false dilemma here but I’m not sure if I have a blindspot

is requiring Oauth from Facebook, Google or Github for hosts something meaningful, necessary or the obligation of Jitsi Meet to do at all

3 more replies

remirk2y ago

I personally have no issue with having to log-in to use the hosted Jitsi and have it store that I created a room. That's a small price to pay for the longevity of the service.

If logging in is an issue, you're still able to selfhost Jitsi just fine.

Edit: this article feels like blogspam to me. https://jitsi.org/blog/authentication-on-meet-jit-si/ is the source the article refers to.

throw_pm232y ago

What about having to log in with a Google/Facebook/MS account as opposed to a Jitsi account?

1 more reply

zaggynl2y ago

ON THE PUBLIC JITSI-MEET DEMO SERVER https://meet.jit.si/!

Selfhost jitsi-meet!

It isn't rocket science: https://jitsi.github.io/handbook/docs/devops-guide/devops-gu...

sebmaynard2y ago

Even easier with docker/docker-compose

https://jitsi.github.io/handbook/docs/devops-guide/devops-gu...

Kim_Bruning2y ago

Making a separate account on Jitsi would have been fine, but they only allow use of existing centralized account systems from github (microsoft), facebook, or google.

That's Not Good(tm).

Good thing Self-hosting still works I guess. Will have to set it up.

redserk2y ago

Managing a public authentication service requires ongoing maintenance and monitoring costs. While they could pay a third party to manage it for them, this is a reasonable decision for them to keep costs low.

It doesn’t sound like Jitsi is sending Facebook and Microsoft transcriptions of your meetings so I don’t see why this is a big concern for a free service.

layer82y ago

It requires you to have a Microsoft/Facebook/Google account in the first place.

LightHugger2y ago

Google/microsoft authentication is a platform risk and is basically saying those third parties own all your users. It can and does backfire all the time.

itake2y ago

Self hosting isn’t exactly anonymous either.

rebeccaskinner2y ago

Anonymity is in the eyes of the beholder. In this case, self-hosting might make your interactions "anonymous" in the eyes of Google, Microsoft, or Meta, even if it doesn't make you anonymous to whatever platform you use to host the software.

reflexe2y ago

Maybe it is just my mood, but this blog's full screen newsletter subscription banner on mobile is much more infuriating than whatever Jitsi did (screenshot: https://imgur.com/a/fSEyZ8x)

philipwhiuk2y ago

"Other Site Abandons Anonymity" says website which puts large "Sign Up" prompts on first-use and below every article.

Slightly hypocritical reclaimthenet

m-p-32y ago

That's what happen when awful people abuse nice things.

Those bad actors and privacy-conscious people (both entirely distinct group, just in case it looks like I'm putting those two in the same category..) can still self-host their own Jitsi Meet server if they want to.

Terretta2y ago

Most such tools can no longer afford their stance once adoption passes a threshold.

Why that might be is often revealed on techdirt:

- https://www.techdirt.com/edition/freespeech/

For other reasons, see also:

- https://mattfrisbie.substack.com/p/the-ugly-business-of-mone...

- https://github.com/extesy/hoverzoom/discussions/670

prmoustache2y ago

people keep mixing the service and the software it seems.

moomin2y ago

Could a mod fix the spelling, please?

snowstormsun2y ago

Isn't webrtc leaking the IPs of call participants anyways, regardless of which service?

Sean-Der2y ago

If you are going through Jitsi (a SFU) all your media goes through them.

If you are doing P2P then you will be able to get the remote's IP address.

j / k navigate · click thread line to collapse

42 comments

yakcyll2y ago

This was talked about before here: https://news.ycombinator.com/item?id=37316959

I assume this move, in essence, is meant to combat spam?

ComputerGuru2y ago

what went unsaid but very heavily implied in the Jitsi announcement was that it was (allegedly) CSAM and not mere spam.

Aspie2y ago

I have proof of it being because of CSAM in as of late 8x8 rooms. Would you like me to post the links to the currently active rooms?

xulres2y ago

Also it's only their hosted for profit service. Use the fsf instance if you feel violated by a user account. https://jitsi.member.fsf.org/

ComputerGuru2y ago

I personally think it was likely/almost certainly the case. That doesn’t change the fact that without sufficient actual evidence it remains “allegedly.”

2 more replies

yieldcrv2y ago

“allegedly” aside, is this the only way to tackle the CSAM problem? I get a whif of a false dilemma here but I’m not sure if I have a blindspot

is requiring Oauth from Facebook, Google or Github for hosts something meaningful, necessary or the obligation of Jitsi Meet to do at all

3 more replies

remirk2y ago

I personally have no issue with having to log-in to use the hosted Jitsi and have it store that I created a room. That's a small price to pay for the longevity of the service.

If logging in is an issue, you're still able to selfhost Jitsi just fine.

Edit: this article feels like blogspam to me. https://jitsi.org/blog/authentication-on-meet-jit-si/ is the source the article refers to.

throw_pm232y ago

What about having to log in with a Google/Facebook/MS account as opposed to a Jitsi account?

1 more reply

zaggynl2y ago

ON THE PUBLIC JITSI-MEET DEMO SERVER https://meet.jit.si/!

Selfhost jitsi-meet!

It isn't rocket science: https://jitsi.github.io/handbook/docs/devops-guide/devops-gu...

sebmaynard2y ago

Even easier with docker/docker-compose

https://jitsi.github.io/handbook/docs/devops-guide/devops-gu...

Kim_Bruning2y ago

Making a separate account on Jitsi would have been fine, but they only allow use of existing centralized account systems from github (microsoft), facebook, or google.

That's Not Good(tm).

Good thing Self-hosting still works I guess. Will have to set it up.

redserk2y ago

It doesn’t sound like Jitsi is sending Facebook and Microsoft transcriptions of your meetings so I don’t see why this is a big concern for a free service.

layer82y ago

It requires you to have a Microsoft/Facebook/Google account in the first place.

LightHugger2y ago

Google/microsoft authentication is a platform risk and is basically saying those third parties own all your users. It can and does backfire all the time.

itake2y ago

Self hosting isn’t exactly anonymous either.

rebeccaskinner2y ago

reflexe2y ago

Maybe it is just my mood, but this blog's full screen newsletter subscription banner on mobile is much more infuriating than whatever Jitsi did (screenshot: https://imgur.com/a/fSEyZ8x)

philipwhiuk2y ago

"Other Site Abandons Anonymity" says website which puts large "Sign Up" prompts on first-use and below every article.

Slightly hypocritical reclaimthenet

m-p-32y ago

That's what happen when awful people abuse nice things.

Terretta2y ago

Most such tools can no longer afford their stance once adoption passes a threshold.

Why that might be is often revealed on techdirt:

- https://www.techdirt.com/edition/freespeech/

For other reasons, see also:

- https://mattfrisbie.substack.com/p/the-ugly-business-of-mone...

- https://github.com/extesy/hoverzoom/discussions/670